Artificial Intelligence and Digital Forensics on Data Governance Breaking Through its Importance to Organizations and its Operations

Nowadays, organizations and its businesses are being affected by threats from different sources, being one of the main, the ever-increasing exponential growth of data, namely the digital one and the digital disruption [1]. In fact, according to Ragan [2], data, specially the actionable one, can be considered as the “secret weapon” on the highly dynamic and everinnovative market that characterizes the industry and financial market nowadays [2]. Likewise, the greatest amount of the decisions that organizations make and choose are based on data [3]. According to Hoppszallern [4], it is unavoidable the importance that information technology and data governance can have in managing and creating value for organizations. In fact, Johnston [5] denotes data management as being amongst the most crucial operations of an organization.

According to this author several and different organizations across multiple industries lack a solid data management framework and strategy, that should protect themselves against incidents occurrences, namely, data disasters, such as data loss and system outages [5]. In lines manner, Lee [6] reminds us that organizations and its boards are striving to invest and progress within their cybersecurity environment, however, they are not focusing on defining a more establish and thorough data governance program that involves the veracity, safeguard, accessibility and usage of data. As data governance is a broader topic and in fact, overlaps with cybersecurity, it involves more aspects than just cybersecurity itself, including issues that should be on organizations’ main priorities, as well as including the compliance with the data regulation and privacy rules that should govern the data of an organization [6]. As such, according to Janssen [7], data governance has been given throughout the years an insufficient and scant consideration and awareness, being it overlooked by organisations in their efforts to strive for a robust data governance framework. Accordingly, the authors urge the readers to the fact that organizations are keener on exploiting and experimenting Artificial Intelligence (AI) rather than focus on the processes of acquiring, collecting and preparing quality data, that could be used by, for example, AI mechanisms. The process of acquiring the data and managing its quality, takes most of the time and effort invested, but organizations still give this process less consideration. However, organisations should focus on pursuing activities that are aiming at allowing them to be able to identify univocally the datasets, its nature and source, to design and acknowledge the impact of the existing data flows and to promote increases in the awareness around and about the importance of data governance and quality [7]. Moreover, according to Ragan [2] organizations should only be able to conduct and complete digital forensics investigations and analysis that are most accurate and acknowledge data at its richest, after having defined and implemented a robust data governance framework that allow organizations to understand and mature the value of their data and the systems where it resides and flows. By doing so, organizations can then complete their forensics activities and identify potential issues that may arise, avoiding having little to insufficient knowledge of their data, that could potentially lead those investigations into bad decisions and/or inaccurate results [2].

Being things considered, different and complex challenges are arising regarding the governance of organizations, namely to keep up and adapt to different realities and new developments, as well as the challenge for the leaders of organizations to be able to acknowledge the importance of data governance, and the several different opportunities and risks that may arise from the poor governance of data [1]. Organizations are now more than ever, focused on the use of technologies as a service and a tool to be able to improve its business and operations, and to be better suit to compete in a dynamic and fast-paced market and profit competition [1]. In lines manner, organizations are being more and more affected by data points and data silos, which represents repositories that are held by one or more individuals, which is not easily or fully accessed and available to other individuals of the same organizations, which is increasing the importance of having an adequate and robust data governance and quality strategy and framework, implemented [5]. Similarly, Sifter [8], expresses that even large institutions like banks and financial institutions tend to end up with data silos, where each business unit/areas tend to rely and use separate data sources, systems and technologies, which can be addressed by implementing a sound data governance and establish its foundations within the roots of organizations. Hence, there is the urge and the need for organizations to be able to implement an effective information governance strategy and framework, so that the creation of value and minimization of risks can be promoted [1,4]. Likewise, data governance challenges are rising each day, especially when taking into account the ever-lasting growth of data, as well as the race to be able to create and drive competitive advantages within the market and its industry and improve efficiency regarding the exploration and usage of data and information [9]. As matter of fact, organizations are focusing on defining what position and individuals can lead and manage their data governance framework and environment, for example, the role of CDO, Chief Data Officer or Chief Digital Officer. Ragan [2] emphasize the relevancy for organizations to define a person/role that is responsible for the digital governance program, defining it as a Data Czar. However, the definition and implementation of this role of leadership is bringing several challenges for organisations, namely, through the high level of change resistance that stakeholders demonstrate. As a result, as data governance and its implications may be a recent topic to organizations, one of the challenges regards the maturity of knowledge that CDOs have, namely, because, most new CDO’s may be learning through the on-the-job experience, as such, data governance will represent a difficult task of creating a strategy that is aligned with the business vision, values, strategy and goals without knowing the business and its operation to the fullest. Given this, it will also be a challenge for CDOs to establish performance metrics and indicators that are tied and aligned with the business operation and its goals. Hence and as the data governance process is a complex one which organizations are still yet to understand to its mellowest, it can be difficult for CDO’s to strive for a budget and leadership commitment that deeply supports the data governance activity rather than, setting high expectations without investing on this activity [9].

As previously described, the focus of organizations in data governance is shifting as, according to Petzold [10], data governance can be positioned as one of the top three differences between organizations that are able to capture and generate value to those who unsuccessfully are able to leverage on data. As such, organizations are nowadays considering and defining leadership roles that target the importance of technology and data governance. Bennett [1] considers that it is vital for organizations to understand how data governance and its activities may be carried out and which criteria should be followed. Else, organizations may be increasing its risks, namely, regarding the privacy obligations of the data and information that it holds, resulting in negative reputational and financial exposure. In addition, different authors highlighted the crucial need for organizations to have robust auditing policies to ensure that their data, and their data governance and quality strategy and framework is being applied in an efficient, adequate, regulated and compliant manner [5,11].

Therefore, it is important for organisations to acknowledge what data governance means. For Sifter [8], data governance can be perceived as a highly managed and organized assortment of resources and assets that provides and sustains data as a “businesscritical asset” [8]. Sharing the same thoughts, Ragan [2] consider data governance, the discipline that enables organisations to leverage and use data, in a way that conveys the organizations’ needs, as well as empowers the alignment between the business strategy with the data available. Accordingly, the authors denote that the data governance process and its success is directly tied to the culture that is being promoted and defined within the organization and to the commitment of the organization’s administration and human capital to data governance [2]. As such, Hoppszallern [4] exhibits the relevance of governance regarding the information technology as well as, the potential impacts that a weaker or undefined information technology governance may have in the organization and its operations, while emphasizing the value of data governance and applying analytics to the entire organization as a way to drive the creation of value. Equally, Sifter [8], perceives that data governance excellence can address challenges from “people, process and technology”, allowing organization to solve issues regarding data management and to maintain a sustainable integrity regarding the governance of their data and technologies [8]. Moreover, the literature reflects that data governance is one of the most important fields to which organizations must look to encompass into their business and operating. In fact, data governance can be perceived as the “critical fuel for the financial success”, considering that this field is even more crucial because the why of data governance is a “future governed by data” [2]. Accordingly, Rivett [12] emphasizes that data governance represents a gap that organizations need to fill, highlighting the importance of this topic as it is more complex each day. Furthermore, organizations are looking into data governance as a conjoint number of different policies, procedures and practices oriented to control and monitor the quality of their data and with that, be compliant with different and relevant legal and ethical regulations and requirements. However, organizations must not forget that data governance’s focus is not just the data itself, it goes beyond it, namely into the systems thorough how the data is gathered, acquire, managed, monitored and used as well as who and how people are managing this data and its quality [7].

As data governance is a complex and an emergent discipline, being perceive amongst the most crucial and complex operations of an organization and a gap that companies are still yet to fill, there is the need for organizations to understand and perceive data governance in its fullest [13,5,8]. Likewise, organizations need to acknowledge that designing, defining, implementing and monitoring a data governance framework and its strategy, demands the investment of resources, like human capital, time and assets, which takes time to develop and to be able to have a robust and solid data governance structure, framework and culture that addresses the risks of data and that leverages on data to improve operations, enterprise administration, compliance, supporting the decision-making process of an organization [14,8].

This work was supported by Project “SAMA EDU.IA”, operation number: POCI-05-5762-FSE-000199, financed by the Program COMPETE 2020, Portugal 2020.

1. Bennett S (2015) Why information governance needs top-down leadership. Governance Directions 67(4): 207-212.
2. Ragan RK, Strasser TB (2020) Understanding the how and why of CU data governance. Credit Union Times 31(10): 10-10.
3. Hassan S, Chindamo P (2017) Effective data governance: From strategy through to implementation. Governance Directions 69(4): 207-210.
4. Hoppszallern S (2015) Governance strategies can determine success of IT projects. H&HN: Hospitals & Health Networks 89(4): 20-20.
5. Johnston M (2016) Are you prepared for your next data disaster? Network World Asia 13(2): 52-52.
6. Lee PA (2019) Why data governance should be part of your boardroom conversations. NACD Directorship 45(6): 68-68.
7. Janssen M, Brous P, Estevez E, Barbosa LS, Janowski T (2020) Data governance: Organizing data for trustworthy Artificial Intelligence. Government Information Quarterly 37(3).
8. Sifter CJ (2017) Establishing a data governance center of excellence within your bank. New Jersey Banker, pp. 24-25.
9. Paredes D (2016) The six steps to become a successful CDO. CIO, pp. 4-4.
10. Petzold B, Roggendorf M, Rowshankish K, Sporleder C (2020) Designing data governance that delivers value. McKinsey Insights.
11. Perrin A (2020) Data governance in the age of programmatic advertising. Information Today 37(2): 35-35.
12. Rivett P (2015) Are you creating a data swamp? KM World 24(3): S5-S5.
13. Alhassan I, Sammon D, Daly M (2019) Critical success factors for data governance: A telecommunications case study. Journal of Decision Systems 28(1): 41-61.
14. Lancaster J, Ledford L, Stephens J (2019) Structure your data governance. Business Officer 52: 19-19.